<?php
class User extends AppModel
{
	public $name = "User";

    public $belongsTo = array('Group' => array('className' => 'Group',
                                               'conditions' => '',
                                               'order' => '',
                                               'foreignKey' => 'group_id'
                                                )
                              );

    public $hasOne = array('Business' => array('className' => 'Business',
                                               'conditions' => "",
                                               'order' => '',
                                               'foreignKey' => 'user_id'
                                                ),
                           'Account' => array('className' => 'Account',
                                              'conditions' => '',
                                              'order' => '',
                                              'foreignKey' => 'user_id'
                                               )
                            );


    public $validate = array('lastname' =>
                              array('rule' => 'notEmpty',
                                    'message' => 'Lastname is a required field'
                                      ),
                             'firstname' =>
                              array('rule' => 'notEmpty',
                                    'message' => 'Firstname is a required field'
                                      ),
                             'email' =>
                              array('emailRule-1' =>
                                     array('rule' => 'email',
                                           'message' => 'Enter a valid email address'
                                           ),
                                    'emailRule-2' =>
                                     array('rule' => 'notEmpty',
                                           'message' => 'Email address is a required field'
                                    ),
                                    'emailRule-3' =>
                                     array('rule' => 'isUnique',
                                           'message' => 'Email address is already existing'
                                    )
                                )
                             );


    public function _find($conditions)
    {
        $query = "SELECT `User`.`id`,
                         `User`.`group_id`,
                         `User`.`email`,
                         `User`.`password`,
                         `User`.`active`,
                         `User`.`date_registered`,
                         `Group`.`id`,
                         `Group`.`name`,
                         `Account`.`plan_id`,
                         `Plan`.`name`
                 FROM `users` AS `User`
                   JOIN `groups` AS `Group` ON `User`.`group_id`=`Group`.`id`
                   LEFT JOIN `accounts` AS `Account` ON `User`.`id`=`Account`.`user_id`
                   LEFT JOIN `plans` AS `Plan` ON `Account`.`plan_id`=`Plan`.`id`";

        $fieldstr = null;
        $first = true;
        foreach ($conditions as $key => $d) {
            if ($first) {
                $first = false;
            } else {
                // If not the first, put an AND in between
                if (!empty($d)) {
                    $fieldstr .= " AND ";
                }
            }
            if (!empty($d)) {
                $fieldstr .= "(" . $key . " = '" . addslashes($d) . "')";
            }
        }
        $query .= " WHERE $fieldstr";
        return self::query($query);
    }

    /**
     * check if user's login / password matches our recrods
     *
     * @param string $username
     * @param string $password
     * @return struct
     */
    public function authenticate($username, $password)
    {
		App::import('Sanitize');
		$sanitize = new Sanitize();

        $username = $santize->escape($username);
        $password = sha1($password);
        return self::find("`username` = '{$username}' AND `password` = '{$password}' AND `admin` = 1");
    }

    /**
     * Before data validation callback
     *
     * @return bool true
     */
    public function confirmPassword()
    {
        if ($this->data[$this->name]['confirm_password'] !== $this->data[$this->name]['password']) {
            return false;
        }

        return true;
    }

    /**
     * Hash password before save
     *
     * @return bool true
     */
    public function beforeSave()
    {
        if (isset($this->data[$this->name]['password'])) {
            $this->data[$this->name]['password'] = sha1($this->data[$this->name]['password']);
        }
        return true;
    }
}
?>